Use the ktinactrl command to manage and configure VPN (TINA) tunnel traffic.
Options
You can use the following options with the ktinactrl command:
start
Loads the ktina module.
stop
Stops the ktina module. Also shuts down tunnels and personal networks.
tunnel
Opens the directory for tunnel operations. You can use the following commands with ktinactrl tunnel:
Command | Description |
---|---|
show | Displays the tunnel details for all VPN tunnels that are configured on the Barracuda CloudGen Firewall. |
new <tunnel-name> | Creates a new VPN tunnel with the specified name. |
delete <tunnel-name> | Deletes the specified VPN tunnel. |
flush | Terminates all tunnels and flushes the cache. |
transport
Command | Description |
---|---|
show | Displays the orphaned transport count. |
new <transport-name> | Creates a new transport with the specified name. |
status value | Displays all status value settings for the tunnel transport. |
rate <INDEX> | Displays the transport rate according to the VPN Interface Index. |
setrate NAME ID policy(0,1,2) guess(KBs) min(KBs) top(%) bot(%) | Specifies the transport rate for the VPN tunnel. |
windowsize | Specifies the window size. |
hcset | Displays all status value settings for the tunnel compression. Use this command to enable or disable high compression and specify compression settings. |
hcparam | Sets the parameters for high compression if enabled. |
[hbidle hbtrys hbtimeout] NAME ID VALUE | Displays heartbeat idle, tries, and timeout of the specified VPN transport. |
shaping NAME ID VALUE | Displays all shaping settings for the tunnel transport. |
spi
Command | Description |
---|---|
show | Displays the orphaned SPI count. |
new NAME | Renews the SPI count for a specified tunnel. |
route
Command | Description |
---|---|
show | Displays all routing entries created by the VPN service. |
new <tunnel-name> | Refreshes the routing table for the specified tunnel. |
show \| wc -l | Checks the maximum number of possible routing entries. By default, the maximum number of entries for one routing table is 10,000. |
lookup
Command | Description |
---|---|
in <address> <spi-num> | Performs a routing lookup and shows inbound traffic details. |
out <source-address> <destination-address> | Displays outbound traffic details. |
meth
Command | Description |
---|---|
show | Displays all available encryption methods (cipher, esp, hash, compress). |
hash <meth_name> <input filename> | Allows setting the hashing algorithm using SHA-256 and SHA-512. |
crypt <meth_name> <input filename> [output filename] | Specifies the settings for file encryption. |
esp <meth_name> <input filename> [output filename] | Specifies the settings for esp encryption. |
decrypt <meth_name> <input filename> [output filename] | Decrypts the specified file. |
hash <meth_name> <filename> | Specifies the settings for hash encryption. |
comp <meth_name> <filename> [stream] | Compresses a specified file. |
perf [junk=<size>] all|<meth_name> | Calculates the possible VPN throughput for each cipher set depending on the hardware. |
udp
Command | Description |
---|---|
get | Displays the configured UDP ports. |
set address:port[,address2:port2[,addressn:portn .... ]] | Specifies the settings for UDP. |
cache
Command | Description |
---|---|
get | Displays information about the cache. |
set address:port[,address2:port2[,addressn:portn .... ]] | Specifies cache control settings. |
personal
Command | Description |
---|---|
show | Displays personal networks if configured. |
add NET [NET ...] | Adds the specified personal networks. |
del NET [NET ...] | Deletes the specified personal networks. |
used | Displays personal network addresses that have been used. |
last | Displays the last address that was used. |
flush | Flushes the cache. |
reserved
Command | Description |
---|---|
show | Displays all reserved addresses and networks. |
add NET [NET ...] | Adds the specified reserved addresses. |
set NET [NET ...] | Sets the specified addresses as reserved. |
del NET [NET ...] | Deletes the specified network addresses. |
flush | Flushes the cache. |
boxrate
Command | Description |
---|---|
set maxlimit(in bytes) | Sets the box rate limit. |
mils
Command | Description |
---|---|
[show] | Allows the use of mils-specific operations. |
show | Shows mils specific operations. |
cipher
Command | Description |
---|---|
show | Shows external cipher operations. |
load <filename> <ciphername> | Loads external operations for selected files and ciphers. |
unload <ciphername> | Unloads external operations for selected ciphers. |
flush | Flushes the cache. |
stream
Command | Description |
---|---|
get | Gets stream compression limits. |
set maxlimit(in bytes) udplimit(in percent of maxlimit) | Sets stream compression limits. |
cyclemeth
Command | Description |
---|---|
show | Displays transport packet cycle methods. |
pkt (set to per packet cycling) | Specifies the settings for the packet archiver. |
size SIZE (set to SIZE threshold cycling) | Sets the size for threshold cycling. |
wanopt
Command | Description |
---|---|
rules | Shows wanopt rules. |
stats | Shows wanopt stats. |
tune
Command | Description |
---|---|
deferred get | Displays all tunnel parameter settings. |
deferred set 0/1 | Specifies tuning parameters settings. |
rdev
Command | Description |
---|---|
showt | Displays the routed devices that have been configured. |